Thunderbird is storing attachements that the user wanted to 'open' without 'downloading' them, and the content of the clipboard, in /home/amnesia/.thunderbird/profile.default/tmp/, and never erase them (I found files created in september in here).

At least, I think that Thunderbird should not keep those files from one session to another, and that encrypted attachements should not be stored in clear, even until the end of the session.

Right, we use a custom $TMPDIR to avoid having to grant Thunderbird access (once we confine it with AppArmor eventually) to all kinds of files in /tmp owned by the amnesia user.

So, it seems that Thunderbird relies on the OS to clean up the temporary directory it uses regularly, which happens for /tmp on most systems. I think that's a bug, i.e. Thunderbird should delete temporary files once it doesn't need them anymore, and worst case when the app is closed. Keeping such files around for potentially weeks doesn't make much sense to me. I'll check if this problem is known upstream, and will report it if not.

Worst case we'll clean up the content of ~/.thunderbird/profile.default/tmp/ ourselves as a temporary workaround in our Thunderbird wrapper script… even though we try to avoid messing with the user' data when we can avoid it.

@Usul: if you want to keep following this ticket, fine; otherwise just say the word and I'll remove you from the watchers list :)

While testing I found out that the files in TMPDIR gets deleted when Thunderbird is closed. Any leftovers there are probably appearing when one shutdown Tails without closing Thunderbird first (or it segfaults). I does not remove how relevant this branch is though, so I've merged it.

While testing I found out that the files in TMPDIR gets deleted when Thunderbird is closed. Any leftovers there are probably appearing when one shutdown Tails without closing Thunderbird first (or it segfaults). I does not remove how relevant this branch is though, so I've merged it.

Yeah, makes sense to merge it anyway since we have no other mechanism to clean up stray files in there when there are any. Thanks for the careful testing!